1

(2 replies, posted in wolfSSL)

Getting STM32F437 in large quantities seems to be a problem for suppliers because of export regulations so we're trying to avoid it. Plus we want to avoid being locked into a particular MCU because of the HW acceleration so we would rather have that provided externally. Plus the crypto chip would help in protecting IP and preventing clones so we prefer this approach. And its readily available.

2

(2 replies, posted in wolfSSL)

I'm evaluating WolfSSL on STM32F427 and I've been able to set up TLS 1.2 with software implementation only. I'm wondering how much would it speed up the process if I combine the MCU with a crypto chip like ATECC508A or ATSHA204. I'm talking specifically about improvements in the connection setup time and the resources freed up on the main MCU. I was also interested in WolfSSH and was also wondering if adding the chip will also speed up that as well.
For reference, it takes around 7-10 seconds to setup a connection to Google in my implementation.

The issue was a bug in the server code. We have patched the server and now can connect using WolfSSL 3.10.0. Thanks for your assistance.

The version I'm using is 3.9.8. Unfortunately the server I am connecting to is also running 3.9.8 and if I use 3.10.0 on the client side, it does not connect. So for now, I believe I have to make 3.9.8 work with HW encryption.
I did take a look at the CubeMX integration and I'll try to import that into 3.9.8 and get back to you. Thanks!

Hi, I have a project which uses DTLS over connections. For now I have successfully managed to run WolfSSL on controllers using only software implementation but the time required to setup the initial connection is abhorrent and I'm now looking to utilize HW crypto in the MCU to accelerate performance. From the STM32F2 implementation provided by WolfSSL, I have only seen a few crypto algorithms being retargeted to the hardware crypto. In my DTLS implementation I am utilizing quite a few different algos provided by WolfCrypt. As I am quite inexperienced with very low level details of the SSL library, I need some help to retarget almost all the encryption algorithms present in WolfSSL from software implementation to STM32 Crypto Hardware.

According to ST's Cube HAL framework, the algos supported by HW Encrytion are

STM32F437x/439x
– AES: CFB, OFB, XTS, CCM, GCM, CMAC, KeyWrap
Key size: 128, 192, 256 bit Crypto accelerator
– ECC: Key generation, Scalar multiplication, ECDSA Random number
generator (RNG) – RSA encryption/decryption functions with PKCS#1v1.5

So I would need help changing these algos in WolfSSL such that they use STM32 HW Acc. If someone can provide sample of this, that would be most appreciated. Thanks!